{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:78767411-0b78-5a08-a977-0b0f158d74a6", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.53.v20231009-tuxcare.2", "type": "library", "group": "org.eclipse.jetty.osgi", "name": "jetty-osgi-project", "version": "9.4.53.v20231009-tuxcare.2", "purl": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.53.v20231009-tuxcare.2" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:21682a42-985b-5e4d-a076-84e488dabab8", "id": "CVE-2020-25711", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-25711 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:20ed47fd-bac8-5d7c-9c7f-32fe8c344013", "id": "CVE-2020-27216", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2020-27216 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a323631e-00dc-5e57-9a9e-c25c15fc7d2a", "id": "CVE-2021-28169", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-28169 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:1401d2c5-698f-54a6-95fc-f9081762e316", "id": "CVE-2021-34428", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2021-34428 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:83bad5b9-b5c4-5c55-81bf-2e8649e94c49", "id": "CVE-2023-36478", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36478 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:4ac47936-1a9d-5076-89d2-fbbadf343478", "id": "CVE-2023-36479", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-36479 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:30839e28-a13c-508d-b872-211b6acb301f", "id": "CVE-2023-40167", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-40167 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:c3b7cf67-2d11-5ea0-bf5a-03b0e4292349", "id": "CVE-2023-41900", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2023-41900 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e705c5a6-159b-57ef-949b-58e492eee1f4", "id": "CVE-2024-13009", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-13009 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7881921f-f977-5322-9674-d9fb760d0ec4", "id": "CVE-2024-22201", "analysis": { "state": "resolved", "detail": "Vulnerability CVE-2024-22201 is fixed in version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0dac4b61-8f52-56ec-8f73-ba8a0ca1ba2c", "id": "CVE-2024-6762", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6762 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:0a01aab6-55dc-5a2f-95ca-e876d49a3890", "id": "CVE-2024-6763", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-6763 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:ba24432b-deb2-5b8d-b4a4-a11f337eddd3", "id": "CVE-2024-9823", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2024-9823 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:f0a37655-3e7e-587e-aa7e-505af52a6f2d", "id": "CVE-2025-11143", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-11143 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:a223b2d8-bae8-59ec-8ee0-01302620e31d", "id": "CVE-2025-1948", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-1948 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:7eddaba8-1e9d-592d-9150-a305dbbbc783", "id": "CVE-2025-5115", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2025-5115 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:6040f9f8-ec49-5ccc-a124-036720c46651", "id": "CVE-2026-1605", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-1605 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:413b96c7-20d7-54bf-80b0-bf145575f7a4", "id": "CVE-2026-5795", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-5795 affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.53.v20231009-tuxcare.2" } ] }, { "bom-ref": "urn:uuid:e241cc2f-9223-5f46-8bf6-0ebf6b4dcf92", "id": "GHSA-58qw-p7qm-5rvh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-58qw-p7qm-5rvh affects version 9.4.53.v20231009-tuxcare.2 of org.eclipse.jetty.osgi:jetty-osgi-project." }, "affects": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.53.v20231009-tuxcare.2" } ] } ], "dependencies": [ { "ref": "pkg:maven/org.eclipse.jetty.osgi/jetty-osgi-project@9.4.53.v20231009-tuxcare.2" } ] }